CyberNews
Apple expected to launch revamped iPad model at May 7th event
Apple will hold an event on May 7 amid reports that it will roll out the long-anticipated revamped versions of iPad Pro and iPad Air next month.
CyberNews
The upcoming total solar eclipse on April 8th has sparked rumors of strained electric grids and jammed cellphone towers. Is there any truth to the rumors?
CyberNews
A database, allegedly containing the data of 10,000 Home Depot employees, has been posted by the malicious actor IntelBroker on the illicit forum BreachForums.
CyberNews
Global fashion company Benetton Group has allegedly been attacked by the ransomware gang Hunters International.
CyberNews
Multiple Apple services, including the App Store, Apple TV+, and Apple Music, were down on Wednesday for users in the US, according to the company's status page.
Trend Micro
Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.
CyberNews
In 2016, Facebook launched a secret project to acquire, decrypt, transfer, and use private, encrypted in-app analytics from Snapchat, YouTube, and Amazon.
CyberNews
CertyAI exposed an environment file revealing OpenAI API key and Photoroom API key.
CyberNews
Zapping.com, a Chilean online television company, has leaked the sensitive data of over 100,000 of its customers.
HACKRead
Users of Meta Platforms including Facebook, Instagram, Messenger, and Threads, are currently experiencing difficulties accessing their accounts.
CyberNews
“Netlify just sent me a $104K bill for a simple static site,” they wrote after falling victim to a DDoS attack.
Infosecurity News
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin, aka LockbitSupp.
CyberNews
Various London Stock Exchange Group (LSEG) news and currency trading platforms around the world suffered brief outages as European markets opened on Thursday.
Security Affairs
Law enforcement provided additional details about Operation Cronos, which led to the disruption of the LockBit ransomware operation.
Infosecurity News
The attack, which has been claimed by Anonymous Sudan, has been confirmed to have impacted IT services at the universities of Cambridge and Manchester
Infosecurity News
UK’s National Crime Agency has led an international operation to disrupt the Lockbit ransomware group
CSO
LockBit websites displayed a takeover message by authorities, teasing full operation disclosure.
DataBreaches
On Monday afternoon, LockBit3.0’s dark web blog was replaced by a 404 message and then a seizure notice: The notice reads: The Site is Now Under Control...
HACKRead
All known dark web domains operated by the notorious LockBit Ransomware Gang are displaying a law enforcement seizure notice.
Security Affairs
An international law enforcement operation codenamed 'Operation Cronos' led to the disruption of the LockBit ransomware operation.
CyberNews
X ended the ban on searches for Taylor Swift Monday evening, in place after fake sexually explicit images of Swift proliferated on the platform last week.
CyberNews
Moscow internet provider Akado is hacked by the volunteer IT Army of Ukraine knocking out wifi access for Putin’s administration, intel, security agencies, and more.
CyberNews
Team Liquid's Liquipedia data leak exposes thousands of users.
CyberNews
Ultra I&C breach confirmed to the Swiss media.
CyberNews
Ukraine says it crippled Russia's taxation system.
CyberNews
The 7th mission of the US military's secretive X-37B robot spaceplane is postponed Monday evening, the vehicle's first launch atop a SpaceX Falcon Heavy rocket.
CyberNews
ALPHV/BlackCat is speculated to have been infiltrated by law enforcement.
CyberNews
DiDi Global, the multi-app transportation platform, said its ride-hailing application in China experienced a 'systems malfunction,' leaving millions of riders stranded.
CyberNews
Ardent Health Services hospitals deal with disruptions.
CyberNews
A disinformation campaign, run or backed by Russia, has been using the Israel-Hamas war to try to create tensions elsewhere in the world.
Bleeping Computer
The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses.
CyberNews
Attackers claim to have breached the Idaho National Laboratory, a nuclear facility.
The Record
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack.
Bleeping Computer
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe.
Cyber Security News
A new zero-day vulnerability (CVE-2023-20198) in Cisco IOS XE's Web UI feature affects devices with exposed HTTP/HTTPS Server functionality.
Bleeping Computer
Microsoft is investigating Exchange Online mail delivery issues causing "Server busy" errors and delays when receiving emails from outside organizations.
Cyber Security News
The iPhone of Galina Timchenko, the co-founder, CEO, and publisher of the Russian independent media outlet Meduza was found to have NSO Group's Pegasus spyware.
The Hacker News
Russian journalist Galina Timchenko's iPhone hacked with NSO Group's Pegasus spyware
Ars Technica
Windows Secure Time Seeding resets clocks months or years off the correct time.
DataBreaches
The following is a law firm-generated press release about a case they have filed. Keeping in mind that a complaint is allegations that have yet to be proven or...
Bleeping Computer
The Avos ransomware gang hijacked Bluefield University's emergency broadcast system, "RamAlert," to send students and staff SMS texts and email alerts that their data was stolen and would soon be released.
DataBreaches
Updated May 3: Avos Locker subsequently added the university to its leak site with a message: “1.2 TB data from a college with cyber insurance policy...
Ars Technica
The threat is serious enough to warrant a manual check ASAP.
The Hacker News
More than a dozen security flaws have been disclosed in Akuvox E11, a smart intercom product.
Bleeping Computer
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired.
The DFIR Report
In this intrusion from August 2022, we observed a compromise that was initiated with a Word document containing a malicious VBA macro, which established persistence and communication to a command …
Naked Security
It’s a really cool and super-simple trick. The question is, “Will it help?”
Infosecurity News
Developer warns of another open source supply chain attack
Security Affairs
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022 should uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]
The Hacker News
PyTorch, a well-known machine learning framework, fell victim to a supply chain attack between Dec. 25 and Dec. 30, 2022
The Hacker News
More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions.
Bleeping Computer
Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in.
The DFIR Report
In June of 2022, we observed a threat actor gaining access to an environment via Emotet and operating over an eight-day period. During this time period, multiple rounds of …
DataBreaches
On November 3, Thales claimed that they had found no evidence to confirm any claim that LockBit 3.0 had breached their system. Today, LockBit 3.0 dumped some...
Naked Security
Heartfelt encouragement to embrace RFC 3339 – find out why!
Bleeping Computer
Windows servers and workstations at dozens of organizations started to crash earlier today because of an issue caused by certain versions of VMware's Carbon Black endpoint security solution.
Bleeping Computer
Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support.
ZDNet
Politicians lie, everyone knows it, but when the concept in question is how democracy works, it's a serious matter.
Infosecurity News
Hacker group Killnet has targeted approximately 50 Italian institutions, including the council of judiciary
The DFIR Report
In early February 2022, we witnessed an intrusion employing Gootloader (aka GootKit) as the initial access vector. The intrusion lasted two days and comprised discovery, persistence, lateral movement, collection, defense evasion, credential access and command and control activity.
SecurityWeek
Internet and phone services were down or running slowly in several French cities on April 27th after fibre optic cables were cut overnight in suspected attacks on the crucial data infrastructure.
ZDNet
Hackers have started to use the Spring4Shell flaw to install Mirai malware on vulnerable systems.
Security Affairs
Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat Research reported that the recently discovered Spring4Shell vulnerability (CVE-2022-22965) is actively exploited by a Mirai-based botnet. Researchers from Chinese cybersecurity firm Qihoo 360 first reported the exploitation of the Spring4Shell by a Mirai-based botnet in early April. […]
Infosecurity News
Finnish ministries of foreign affairs and defense forced offline earlier today by DDoS attacks
The Hacker News
Maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw.
ZDNet
A combination of resourcing, government initiatives, and innovation will mean some organisations are able to handle cyber threats in real time -- and then there is everyone else.
SecurityWeek
Israel's National Cyber Directorate said that the country has suffered a cyber attack that briefly took down a number of government websites.
ZDNet
Updated: Mykhailo Fedorov requests the severance of business relationships with Russia, and Oracle takes this step.
Bleeping Computer
Five major Canadian banks went offline for hours blocking access to online and mobile banking as well as e-transfers for customers. The banks hit by the outage include Royal Bank of Canada (RBC), BMO (Bank of Montreal), Scotiabank, TD Bank Canada, and the Canadian Imperial Bank of Commerce (CIBC).
ZDNet
Researchers with Trellix named the malware involved "Graphite" because it uses Microsoft's Graph API to leverage OneDrive as a command and control server
ThreatPost
It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks.
Bleeping Computer
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error.
Bleeping Computer
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster.
Bleeping Computer
Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it.
The DFIR Report
In this intrusion, we will take a look at a Trickbot infection, where soon after gaining access, the threat actor started to enumerate the target network and dump credential information. A setup file, which attempted to masquerade as a legitimate software installer, was deployed on several systems to fetch additional Cobalt Strike beacons.
DataBreaches
Warren Dillaway reports that the city is investigating a breach. In a statement the city issued, they wrote: “Early Friday morning, July 16, 2021, the...
The DFIR Report
In June, we saw another threat actor utilize IcedID to download Cobalt Strike (CS), which was used to pivot to other systems in the environment. Similar to the Sodinokibi case, anti-virus (AV) slowed down the attackers. AV frustrated them to the point where they temporarily left the environment.